CVE-2025-32706
HIGH KEV
Windows Common Log File System Driver - Authenticated Privilege Escalation via Improper Input Validation
Title source: llm
Exploitation Summary
CVE-2025-32706 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added May 13, 2025.
Description
Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
References (4)
Core References
Vendor Advisory, Patch
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32706
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-32706
Exploit, Third Party Advisory
https://www.vicarius.io/vsociety/posts/cve-2025-32706-detection-script-elevation-of-privilege-vulnerability-in-microsoft-windows-common-log-file-system-driver
Exploit, Mitigation, Third Party Advisory
https://www.vicarius.io/vsociety/posts/cve-2025-32706-mitigation-script-elevation-of-privilege-vulnerability-in-microsoft-windows-common-log-file-system-driver
Scores
CVSS v3
7.8
EPSS
0.0112
EPSS Percentile
78.7%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
no
Technical Impact
total
Details
CISA KEV
2025-05-13
VulnCheck KEV
2025-05-13
ENISA EUVD
EUVD-2025-14441
CWE
CWE-20
Status
published
Products (16)
microsoft/windows_10_1507
< 10.0.10240.21014
microsoft/windows_10_1607
< 10.0.14393.8066
microsoft/windows_10_1809
< 10.0.17763.7314 (2 CPE variants)
microsoft/windows_10_21h2
< 10.0.19044.5854
microsoft/windows_10_22h2
< 10.0.19045.5854
microsoft/windows_11_22h2
< 10.0.22621.5335
microsoft/windows_11_23h2
< 10.0.22631.5335
microsoft/windows_11_24h2
< 10.0.26100.3981
microsoft/windows_server_2008
microsoft/windows_server_2008
r2 sp1
... and 6 more
Published
May 13, 2025
KEV Added
May 13, 2025
Tracked Since
Feb 18, 2026